Netherlands
Strategy & Technology | Applied AI & Cyber Threat Intelligence I am a strategy and technology leader driving the evolution of cyber threat intelligence (CTI) into an autonomous, AI-first ecosystem. Operating at the intersection of business strategy and rigorous technical execution, I focus on operationalizing AI to solve complex engineering challenges and navigate the evolving adversarial AI threat landscape. Applied AI & Security Engineering Currently at Google Threat Intelligence, my work centers on rapid prototyping and scalable intelligence delivery. I build and test hypothesis-driven proofs-of-concept (POCs) and engineer AI-centric workflows that automate complex CTI processes. By gaining hands-on mastery of security tooling and architecture, I effectively bridge the gap between deep engineering systems and high-level executive objectives—turning analytical expertise into production-ready, intelligence-led action. Core Expertise & Foundation My strategic vision is grounded in a strong foundation of leading world-class operational teams in OT/ICS Cybersecurity and Information Operations (IO). My key strength is versatility: I translate complex technical topics into clear, actionable strategies. By consolidating diverse teams, I drive the novel tool development and process automation necessary to keep organizations ahead of emerging threats. Thought Leadership & Background An active speaker at international conferences, I bring a uniquely broad perspective shaped by my prior roles as a Fulbright Scholar, journalist, and ghostwriter for the UN’s Girls in ICT program. I connect the technical, the strategic, and the human element to deliver transformative organizational impact.
Operating at the frontier of cyber threat intelligence (CTI) within the Applied Intelligence team, I am driving the evolution of Google Threat Intelligence (GTI) toward an autonomous, user-centric, and AI-first ecosystem. To strengthen my foundation for future technical leadership, I deliberately transitioned into a Security Engineering focus. This shift allows me to gain hands-on mastery of our core security tooling, architecture, and data pipelines. By grounding my organizational and strategic background in rigorous technical execution, I am better equipped to bridge the gap between complex engineering systems and high-level business objectives. In this capacity, my work centers on rapid prototyping and the scalable delivery of intelligence. Operating in a high-velocity environment, I build and test hypothesis-driven proofs-of-concept (POCs) to uncover the most effective paths for production-ready AI capabilities. By engineering innovative, AI-centric workflows, we allow our threat coverage to scale exponentially. This continuous cycle of experimentation and automation ensures we stay ahead of the tools defining the future of CTI, ultimately turning Google's deep analytical expertise into scalable solutions that drive autonomous, intelligence-led action.
During a pivotal organizational restructuring to adapt to the new AI reality, I served in a strategic transition role at Google Threat Intelligence. Operating at the intersection of business strategy, technology, and organizational transformation, I guided the organization through this shift to ensure our engineering resources and operational models were aligned with our highest-impact security missions. - Unified Technology Prioritization: Architected and rolled out a framework for capability development, conducting stakeholder analysis and data visualizations to align technology requests with strategic business goals. - Strategic Team Dynamics Restructuring: Re-engineered collaboration model between CTI and malware analysis teams, moving to an embedded partnership that maximized technical expertise on critical missions. - AI Strategy & the Prompting Guild: Co-led a high-impact initiative to enhance AI usage, overseeing the development of production-grade prompts for the Agentic GTI platform while establishing a community of practice. - Cross-Functional Enablement: Acted as organizational "force multiplier" by unblocking engineering efforts for critical toolsets and providing thought leadership to bridge gaps between analyst needs and productization.
I lead the technical branches of our cyber physical and information operations threat intelligence teams. My role includes a variety of activities that range from coordinating the development of solutions for threat hunting and data analysis, to overseeing the production of strategic coverage. Additionally, I participate regularly as a speaker in international conferences mainly discussing topics related to Industrial Control Systems (ICS) / Operational Technology (OT).
• Lead the technical analysis team to develop methodologies to hunt for malicious ICS/OT samples (Snort/Yara), define mechanisms for automated intelligence processing and collections, and research on observed threat activity. • Designed and coordinated the implementation of a software tool to integrate heterogeneous data into a comprehensive platform to support operational technology vulnerability assessments. The product has generated over one million dollars in revenue. • Automated the creation of intelligence reports leveraging open and proprietary sources. The topics for these reports include anomalies in ICS network traffic, internet-exposed OT assets, malware distribution, and ICS vulnerabilities, among others. This involves restructuring intelligence production to automate data pipelines from collection to distribution of end products. • Collaboratively created the cyber-physical team strategy to address customer needs and project thought leadership. This included conceptualizing on report topics, blogs and publications, and coordinating automation projects. • Created a collection tool to retrieve information from public vulnerability disclosures and provided a systematic analysis. • Coordinated the development of in-depth risk assessment reports for organizations across multiple industry verticals. • Develop and provide trainings on a range of topics including: Introduction to OT Security, Cyber Threat Intelligence Foundations, Threat Actor Attribution, and tailored Hunt Mission Workshops. Speaker Engagements: RSA 2020, CS3STHLM 2020, ICSJWG 2018/2019, CYCON 2019, AFPM Operations & Process Technology Summit, IIoT World Days 2020, ICS Village Hack the Capitol 2019, VB 2019/2020, U-Gob Lab Summit 2020. Training: SANS 612 ICS Security In-Depth, SANS 515 Active Defense, CISA ICS Cybersecurity 401 and 301, FireEye Mandiant Consulting 101, FireEye Binary Triage. Certified CISSP, CSAP (CompTIA CySA+ and Security+) and AWS Cloud Practitioner.
- Designed and implemented a software tool to integrate heterogeneous data into a comprehensive platform to support operational technology vulnerability assessments. The product has generated close to one million dollars in revenue. - Automated the creation of intelligence reports on anomalies in ICS network traffic by developing capabilities to assess potential malicious activity leveraging open source indicators. - Created a collection tool to retrieve information from public vulnerability disclosures and provided a systematic analysis. Tool was created in Python using Scrapy. - Collaborated on developing the cyber-physical team strategy, conceptualizing report topics and automation projects and determining their order of prioritization. - Developed methodologies for the detection of malicious ICS/OT samples (Snort/Yara). - Oversaw, edited, wrote, and proposed cyber threat intelligence reports related to cyber-physical systems. Examples of cyber-physical systems include industrial control systems, critical infrastructure, transportation, building automation, and medical devices. -Coordinated the elaboration of in-depth risk assessment reports for organizations across multiple industry verticals. - Tested and analyzed methodologies for streamlining the training process of new entrants to OT/ICS cybersecurity
ITU is the United Nations specialized agency for information and communication technologies (ICTs) - Conducted research and generated written content about policies, social plans and projects pertaining digital inclusion (English, Spanish, French, and Portuguese) - Achieved four times increase in the number of visits to the Digital Inclusion Newslog over 2016 and sustained it through 2017-2018 - Managed the “Girls in ICT” campaign’s website and social media channels based on online metrics
- Researched services, practices, and programs that foster civic engagement in public libraries through technology. Wrote and delivered a report evaluating these programs’ effectiveness. - Performed research on case studies that measured the level of digital inclusion and technical capabilities across countries. Research supported a collaborator’s report that was delivered to the United Nations.